CVE Prioritization
Triage CVEs by EPSS, CISA KEV, PoC availability, attack complexity, and in-feed incidents.
50
Total CVEs
2
Critical
0
KEV / Exploited
1
PoC Exists
0
Zero Day
3
Patch Available
| CVE ID | Published | Severity | EPSS Score | Complexity | Status | PoC | Patch | Due Date | Feed Hits | Description | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | Fides is an open-source privacy engineering platform. From version 2.33.0 to before version 2.84.5, there is a DOM-based | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows remote attackers to potentially cau | Details | |
| 08 Jun 2026 | MEDIUM 6.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of | Details | |
| 08 Jun 2026 | HIGH 7.1 |
0.0%
|
HIGH |
—
|
— | — | — | 0 | WACRM prior to commit 73041bf contain an authorization bypass vulnerability in the automation engine that allows authent | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | When ALLOW_INSECURE_RAW_TEXT is enabled, whitespace-variant closing tags (e.g., </style\t>) are not recognized by the sa | Details | |
| 08 Jun 2026 | HIGH 8.1 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable | Details | |
| 08 Jun 2026 | HIGH 7.5 |
0.0%
|
HIGH |
—
|
— | — | — | 0 | Nginx Proxy Manager versions 2.9.14 through 2.15.1, fixed in commit a5db5ed, contain an authenticated remote code execut | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 t | Details | |
| 08 Jun 2026 | MEDIUM 6.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the | Details | |
| 08 Jun 2026 | MEDIUM 6.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function o | Details | |
| 08 Jun 2026 | HIGH 7.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A flaw has been found in CodeAstro Student Attendance Management System 1.0. The impacted element is an unknown function | Details | |
| 08 Jun 2026 | CRITICAL 9.8 |
0.0%
|
LOW |
—
|
— | — | — | 0 | YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar f | Details | |
| 08 Jun 2026 | HIGH 8.8 |
0.0%
|
LOW |
—
|
— | 0 | samlify is a Node.js library for SAML single sign-on. Prior to version 2.13.0, samlify’s template substitution only esca | Details | |||
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potentia | Details | |
| 08 Jun 2026 | MEDIUM 6.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A vulnerability was detected in CodeAstro Payroll System 1.0. This affects an unknown function of the file /view_account | Details | |
| 08 Jun 2026 | MEDIUM 6.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A security vulnerability has been detected in CodeAstro Payroll System 1.0. The impacted element is an unknown function | Details | |
| 08 Jun 2026 | HIGH 8.8 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the f | Details | |
| 08 Jun 2026 | CRITICAL 9 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might a | Details | |
| 08 Jun 2026 | MEDIUM 4.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Missing authorization in the deleted user groups API in Devolutions Server allows an authenticated low-privileged user t | Details | |
| 08 Jun 2026 | MEDIUM 6.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Improper access control in the ticketing integration settings in Devolutions Server allows an authenticated low-privileg | Details | |
| 08 Jun 2026 | MEDIUM 6.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Improper neutralization of special elements in the built-in PAM provider password rotation templates in Devolutions Serv | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutra | Details | |
| 08 Jun 2026 | HIGH 8.8 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A security flaw has been discovered in Tenda F451 1.0.0.7/1.0.0.9. Impacted is the function formWriteFacMac of the file | Details | |
| 08 Jun 2026 | LOW 3.7 |
0.0%
|
HIGH |
—
|
— | — | 0 | A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file | Details | ||
| 08 Jun 2026 | MEDIUM 4.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A vulnerability was determined in TOTOLINK CP450 4.1.0cu.747. This vulnerability affects unknown code of the file /etc/v | Details | |
| 08 Jun 2026 | HIGH 8.8 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formPPPEdit of the file | Details | |
| 08 Jun 2026 | MEDIUM 5.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Lea | Details | |
| 08 Jun 2026 | HIGH 7.1 |
0.0%
|
LOW |
—
|
— | — | 0 | Snipe-IT is an IT asset/license management system. A vulnerability in versions prior to 8.6.0 allows a non-admin user ho | Details | ||
| 08 Jun 2026 | HIGH 8.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | OpenMetadata is a unified metadata platform. Prior to version 1.12.4, a non-admin SSO user can trigger a TEST_CONNECTION | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to preven | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference I | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vma_flags in vb2_dma_sg_mmap | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: media: renesas: vsp1: Fix NULL pointer deref on mod | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/uapi: Reject coh_none PAT index for CPU cach | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix use-after-free in scpsys_ge | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent repor | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: flow_dissector: do not dissect PPPoE PFC frames RF | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: os_dep: avoid NULL pointer dere | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmet_ctrl | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent a | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/po | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: spi: topcliff-pch: fix use-after-free on unbind Gi | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplus_fill_super( | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix race with interrupt handle | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: net: libwx: use request_irq for VF misc interrupt | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: spi: s3c64xx: fix NULL-deref on driver unbind A ch | Details | |
| 08 Jun 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do IRR scan in __kvm_apic_update_irr even | Details |